Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A system for securing and tracking a restricted file, the restricted file being stored locally in an encrypted format, the system comprising: a data processing system comprising a microprocessor, wherein the data processing system is configured to: receive a first request from an entity, wherein the first request is received for executing at least one operation of a first set of operations on the restricted file; authenticate the entity for executing the at least one operation of the first set of operations on the restricted file, wherein the entity is authenticated each time the entity attempts to perform an operation; receive a second request from the entity, wherein the second request is received for executing at least one operation of a second set of operations on the restricted file; authenticate the entity again for executing the at least one operation of the second set of operations on the restricted file; and encrypt content of the restricted file in response to the second request.
A system secures and tracks a restricted, locally stored, encrypted file. It uses a data processing system (computer) with a microprocessor. The system receives a request from a user (entity) to perform an operation (like opening or editing) on the file. The system authenticates the user *every* time they try to do *anything* with the file. If authenticated, a second request to perform a second operation triggers encryption of the file's content, adding an extra layer of security.
2. The system according to claim 1 , wherein the data processing system is further configured to: intercept the second request from the entity; and forward the encrypted content to the entity.
In addition to the file security system described previously, when a user attempts a second operation on the file, the system intercepts that request. After encrypting the file's content, the system forwards the now-encrypted content to the user instead of the original, decrypted content, maintaining the file's secured state.
3. The system according to claim 1 , wherein the data processing system is further configured to: authenticate the entity; maintain a log of events executed on the restricted file; and communicate with a server.
Expanding on the core file security system, the data processing system authenticates users, maintains a log of all actions performed on the restricted file (like opening, editing, saving), and communicates with a central server for policy updates and reporting.
4. The system according to claim 3 , wherein the data processing system is further configured to communicate with the server to receive authentication policies.
Building on the system that logs actions and communicates with a server, the data processing system uses its server connection to actively receive authentication policies. This means the server dictates who is allowed to access what and under what conditions, providing centralized control over file access.
5. The system according to claim 3 , wherein the data processing system is further configured to forward the log of events executed on the restricted file to the server.
In addition to authenticating users, logging file actions, and communicating with a server, the system forwards the log of events executed on the restricted file to the server. This provides a central audit trail of all activity related to the secured file.
6. The system according to claim 1 , wherein the data processing system is further configured to decrypt the content of the restricted file.
Expanding on the core system which encrypts the content of the restricted file, this system can also decrypt the content of the restricted file. This is most likely performed to allow authorized users to view or modify the file, only after successful authentication.
7. The system according to claim 1 , wherein the data processing system is further configured to forward the encrypted content to the entity, the entity executing the at least one operation of the first or second set of operations on the encrypted content, wherein the execution of the at least one operation on the encrypted content protects the restricted file from being misused, wherein the restricted file is under a control of the data processing system.
Beyond encrypting files and authenticating users, the system forwards encrypted content to the user after encryption when a user attempts to operate on the file. The user then performs actions on this encrypted data, protecting the underlying file from misuse because the restricted file is controlled by the data processing system.
8. The system according to claim 1 , wherein the data processing system is further configured to intercept requests sent by the entity.
Expanding on the file security system, the data processing system intercepts all requests sent by the user related to the restricted file. This allows the system to control access and monitor operations before they occur.
9. The system according to claim 1 , wherein the data processing system is further configured to determine whether the authenticated entity is allowed to perform the at least one operation of the first or second set of operations on the restricted file from a set of authorized operations associated with the authenticated entity.
The system determines if an authenticated user is permitted to perform the requested action on the restricted file. It checks a list of authorized operations associated with that specific user. This provides granular control over file access, where each user has a specific set of permissions.
10. The system according to claim 1 , wherein a command is used by the entity for performing the first or second set of operations on the restricted file.
The user interacts with the file security system using commands to perform actions like opening, saving, or editing the restricted file. These commands trigger the authentication and security mechanisms within the system.
11. The system according to claim 1 , wherein the steps of receiving, authenticating, and encrypting, are performed within a limited period of time when the system is disconnected from a server.
The system can operate, including receiving access requests, authenticating users, and encrypting content, even when temporarily disconnected from a central server. These actions are performed within a limited timeframe while offline, suggesting cached policies or temporary credentials.
12. The system according to claim 1 , wherein the first or second set of operations on the restricted file comprises opening and reading the restricted file.
The operations users perform on the restricted file, which the system secures, include opening and reading the file. This specifies that the system protects even basic access to the file's contents.
13. The system according to claim 1 , wherein the first or second set of operations on the restricted file comprises saving the restricted file to a new location.
The operations users perform on the restricted file, secured by the system, include saving the restricted file to a new location. This specifies that the system can protect the file even when a user tries to make a copy.
14. The system according to claim 1 , wherein the content of the restricted file is associated with a unique identifier, wherein the unique identifier facilitates in identifying and tracking the at least one operation of the first or second set of operations being performed on the restricted file.
The system associates a unique identifier with the content of the restricted file. This identifier facilitates tracking and identifying operations performed on the file, enabling detailed auditing and control.
15. The system according to claim 1 , further comprising forwarding the encrypted content for execution of the first or second request in response to encryption of the content.
After encrypting the content of the restricted file, the system forwards the encrypted content for execution of the requested operation. This ensures that all operations are performed on the encrypted data, thus maintaining security.
16. A system for securing and tracking a restricted file, the restricted file being stored locally in an encrypted format, the system comprising: a data processing system comprising a microprocessor, wherein the data processing system is configured to: receive a request from an entity, wherein the request is received for executing at least one operation of a set of operations on the restricted file; authenticate the entity for executing the at least one operation from the set of operations on content of the restricted file; cache header data of the restricted file, wherein the caching comprises receiving the restricted file and saving the header data; and decrypt the content of the restricted file except the header data if the authentication is successful, wherein the header data of the restricted file is not decrypted to prevent secure data in the header data from being interpreted by the entity.
A system secures and tracks a restricted, locally stored, encrypted file using a data processing system. When a user requests access, the system authenticates them. The system caches the header data of the restricted file by saving this header information. If authentication succeeds, the system decrypts the file's content, except for the header. The header is kept encrypted to prevent secure data within it from being accessed or interpreted by the user.
Unknown
November 18, 2014
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.